class AccountController < ApplicationController
  layout  'admin'
  before_filter :initvars
  before_filter :login_required, :only => [:change]

  def login
    case request.method
      when :post
      if session[:user] = User.authenticate(params[:user_login], params[:user_password])
        #redirect_back_or_default :controller =>"media",:action => "list"
        redirect_back_or_default :action => "welcome"
      else
        flash.now['notice']  = "Login unsuccessful"
        @login = params[:user_login]
      end
    end
  end
  
  def change
    @user=User.find(session[:user].id)
    case request.method
      when :post
      if @user.update_attributes(:login=>params[:user][:login],:password=>params[:user][:password], :password_confirmation => params[:user][:password_confirmation],:email=>params[:user][:email])
        flash.now[:notice]="Password Changed"
        redirect_to :controller =>"media",:action => "list"
      end
    end
  end
  
  def signup
    if User.count >0
	    redirect_to :action => 'nosignup' and return
	  end
    @user = User.new(params[:user])
    if request.post? and @user.save
      session[:user] = User.authenticate(@user.login, params[:user][:password])
      flash['notice']  = "Signup successful"
      redirect_back_or_default :action => "welcome"
    end
    
  end  
  
  def logout
    session[:user] = nil
    redirect_back_or_default :controller =>"media",:action => "list"
  end
    
  def welcome
  end
  
  def nosignup
    @settings=Setting.find(:first)
    session[:user] = nil
  end
  
end
